13 matches found
EUVD-2020-19779
Malware in sbrugna...
EUVD-2020-19781
Malware in sbrugna...
CVE-2023-4345
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user...
CVE-2020-27266
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass user authentication checks via Bluetooth Low Energy...
CVE-2023-4345
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user...
Design/Logic Flaw
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user...
CVE-2023-4345 Broadcom RAID Controller web interface is vulnerable client-side control bypass
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user...
CVE-2021-43355
Fresenius Kabi Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 allows user input to be validated on the client side without authentication by the server. The server should not rely on the correctness of the data because users might not support or block JavaScript or intentionally bypa...
CVE-2021-43355
The CVE-2021-43355 entry concerns Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) v2.0.1.3, where client-side input validation is performed without server-side authentication, allowing a user to bypass checks and login with service privileges. The root cause is misuse of client-side ...
CVE-2020-27268
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass checks for default PINs via Bluetooth Low Energy...
CVE-2020-27268
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass checks for default PINs via Bluetooth Low Energy...
CVE-2020-27268
The CVE-2020-27268 entry concerns a client-side control vulnerability in SOOIL Dana Diabecare RS insulin pump and its AnyDana-i/AnyDana-A mobile apps. The issue allows physically proximate attackers to bypass authentication checks for default PINs via Bluetooth Low Energy , enabling potential una...
CVE-2020-14485
OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to bypass client-side access controls or use a crafted request to initiate a session with limited functionality, which may allow execution of admin functions such as SQL queries...